Infoblox ActiveTrust Cloud extends security protection to help prevent DNS-based data exfiltration and detect malware.
Infoblox ActiveTrust Cloud provides visibility into infected and compromised devices on or off-premises, prevents DNS based data exfiltration and automatically stops device communications with C&Cs/botnets using an automated, high quality threat intelligence reputation feed and unique behavioral analytics. Infoblox is the first and only DNS vendor to provide an on-premises and a cloud service for data exfiltration prevention and malware containment with unified policy management, analytics and reporting.
Product Features
DNS Firewall/DNS Response Policy Zones (RPZs)
- Disrupt malicious DNS-based communication to C&C
Threat Insight
- Detect & block DNS-based data exfiltration via behavioral analytics
Threat Intelligence Data
- Stop evolving domain/IP threat risks with updated threat intelligence
Dossier
- Identify immediate threat context with Google-like threat searching
Reporting and Analytics
- Easily search infections and compromised devices for faster remediation
Product Benefits
Prevent DNS-based data exfiltration others can’t detect
- Stops data from getting out via DNS by using streaming analytics and domain blacklisting
Integrated into DNS without disruptive changes
- Detects malware early through a purpose-built solution without the need to deploy infrastructure
Faster threat investigation
- Identifies risks using threat context and inputs from multiple systems in unified solution
Unified policy management, analytics & reporting
- Allows admins to set policy once for each user and seamlessly manage across distributed deployments
Improved visiblity and rich network context
- Provides detailed views including IP/MAC addresses, device type/OS, and DHCP lease history
Accelerated remediation with Ecosystem Integrations
- Shares information with other security tools including endpoint, NAC, scanners, and SIEMs